Implementing Access Control

Question 1

You are configuring Windows Dynamic Access Control. You have created a user claim, enabled the “Department” resource property, and you have created an Access Control Rule. What must you also do?

• Add the central access rule to the server audit list
• Add the central access rule to a Central Access Policy (CAS), deploy the CAS using Group Policy
• Install Routing and Remote Access on file servers
• Install File Server Resource Manager on file servers

Answer 1

• Add the central access rule to a Central Access Policy (CAS), deploy the CAS using Group Policy
• Install File Server Resource Manager on file servers

Question 2

Which Linux command can be used to manage file system permissions?

• grep
• ps
• sudo
• chmod

Answer 2

chmod

Question 3

Which security principal strives to grant only those permissions required to perform a specific task?
Instruction: Choose the option that best answers the question.
Answer Choices

Multifactor authentication

Defence in-depth

Principal of least privilege

Single sign-on

Answer 3

Principal of least privilege

Question 4

You have used the Delegation of Control wizard to assign Active Directory management permissions to a user named LBrenner to an OU named East. You would like to modify the management permissions for LBrenner. What should you do?
Instruction: Choose all options that best answer the question.
Answer Choices

In Active Directory Users and Computers, remove the Users container

Open the properties of the Active Directory domain and click the Security tab

In Active Directory Users and Computers, enable the Advanced view

Open the properties of the East OU and click the Security tab

Answer 4

• In Active Directory Users and Computers, enable the Advanced view
• Open the properties of the East OU and click the Security tab

Question 5

You are using the Azure portal to configure RBAC. You have opened the properties of a resource group. What should you click on to configure RBAC?
Instruction: Choose the option that best answers the question.
Answer Choices

Properties

Security

Access Control (IAM)

Monitoring

Answer 5

Access Control (IAM)

Question 6

Which access control model uses the operating system to determine resource access?
Instruction: Choose the option that best answers the question.
Answer Choices

DAC

MAC

RBAC

ABAC

Answer 6

MAC

Question 7

You are attempting to create a dynamic user group in Microsoft Azure Active Directory, but the group type drop-down list contains “Assigned” and is greyed out. What is the problem?
Instruction: Choose the option that best answers the question.
Answer Choices

Your account does not have sufficient permissions

You must enable at least an Azure AD Premium P1 license

You are using the default Azure AD tenant; create a new tenant

The group must first have existing members

Answer 7

You must enable at least an Azure AD Premium P1 license

Question 8

Which Group Policy setting should be enabled to audit Windows file system access?
Instruction: Choose the option that best answers the question.
Answer Choices

Audit object access

Audit logon access

Audit Active Directory events

Audit logoff access

Answer 8

Audit object access

Question 9

You need to set NTFS file system permissions on a Windows host. You have opened the properties of a file system folder. What should you click next?
Instruction: Choose the option that best answers the question.
Answer Choices

Classification

Sharing

Security

Auditing

Answer 9

Security